1. Technical Field
The present invention relates to physical level-based security technology for data security of a security terminal, which can provide physically reliable security so that data stored in a security terminal is not leaked.
2. Description of the Related Art
Generally, iDisplay (enabling Wi-Fi and USB connection), Splashtop Remote Desktop HD (enabling Wi-Fi, 3G, and other communications), and the like are types of virtual desktop products configured to transmit host-side (Windows or the like) screen information to a terminal device such as a tablet computer, a smart phone, or a normal Personal Computer (PC) in a wired/wireless manner, such as a manner of communicating via Universal Serial Bus (USB), Local Area Network (LAN) or Wi-Fi, and to allow the terminal device to transmit information input through a keyboard or a mouse to the host. These types of products have been utilized so as to allow a user to access multiple computers via Virtual Desktop Infrastructure (VDI) service and to be provided with the service or to manage information. Since these products have the possibility of improving security due to the characteristics of VDI, in which important information is not stored in a terminal, they have attracted attention.
However, in typical cases, these products may function not only to provide information personally input/output by a user to the screen of an accessed terminal, but also to run various types of application programs, and thus the terminal is inevitably present as a complicated non-preemptive Operating System (OS). Consequently, a security hole is inevitably present in the terminal, and various types of security programs for compensating for such a security hole must be installed on the terminal. However, in spite of this, the possibility of the information stored in the terminal being leaked is not completely eliminated, but inevitably remains. For example, in the case of an existing product which transmits a screen from PC_0 to PC_1 using a USB connection and transmits information about an input device connected to PC_1 to PC_0, sensitive information from PC_1 may be leaked to PC_0 through the use of a timing field or a reserved field while the input device information is being transmitted.
Therefore, enterprise or government agencies which handle important information must unavoidably adopt a scheme in which the networks are separated and PCs are divided for an external network and an internal network and then used. A Keyboard-Video Monitor-Mouse (KVM) is the only scheme for providing convenience to the user in this system, and is configured such that interference between PCs is fully eliminated by physically separating input/output devices. By means of this, complete security may be consequently realized, but this scheme is not efficient due to very complicated tasks including data copying. That is, this scheme is a solution for completely blocking the leakage of information to the outside when a closed network and the Internet are used together. However, it is impossible to update applications on PCs connected to a closed network, and there is difficulty in that all management operations for the closed network must be individually performed using a manual operation through a third storage medium. That is, it is apparent that it is impossible to execute a web browser or other application programs on a PC in a No. 0 network and a PC in a No. 1 network, and to perform tasks of attempting to capture, copy or paste information between application programs.